Recent Blog Posts
Blogs ยป Archive for March, 2004
Eye on Security
As I noted in an earlier post, Linux should no longer be considered immune to vulnerabilities or to attacks. In fact, Linux is one of the most attacked systems on the global infrastructure.
While Linux and a majority of open source solutions are (or can be) more secure than other operating systems, your guard should never be let down. Anti-virus systems should be run on workstations and servers just as we all run them on our Macintosh and Windows platforms. File integrity, intrusion detection and spam tools should also be considered for Internet-based servers in addition to patching for vulnerabilities.
On the topic of file integrity, a great open-source port of Tripwire is available at http://www.tripwire.org, which offers alert-based monitoring of your server’s filesystem and configuration files.
Additionally, staying current on advisories, security reports and new tools and vulnerabilties should be on our daily reading task list.
Some excellent resources for these duties include:
CERT –>Advisories, Fixes and Vulnerabilities
LinuxSecurity.com –> Linux Security Community
SecurityFocus –> Unix Review
thanks david, keep these tips coming!
PHP5 In Depth
Via Christian, for you Sunday morning reading, Zend have a collection of articles up on PHP5 in Depth.
XML in PHP 5 - What’s New? - Christian with the lowdown.
PHP SOAP Extension (!) Dmitry Stogov explains the new SOAP extension (which looks like its going to be default functionality for PHP5)
SQLite Introduction Ilia Aleshentsky introduces PHP5 in built database engine.
Tidying up your HTML with PHP 5 John Coggeshall introduces the work he’s been doing to get us all to clean up our HTML acts.
Com_dotnet Wey Furlong covers what he’s been doing with overhauling PHPs ability to natively interop with Windows.
Using ext/mysqli: Part I - Overview and Prepared Statements - Zak Greant and Georg Richter looking at functionality in PHP5’s second MySQL extension.
.NET in Academia
I’ve been attending my University’s annual Postgraduate Research Conference, listening to presentations, and giving one myself!
What struck me was how quickly academia has taken up .NET and how word is spreading. Projects which started in Java are now shifting towards .NET or are investigating .NET as another option of deployment and research. Sure, .NET has been around several years now, but academia is usually slow to change.
Its all good signs as to the future of .NET. Where research is active, is where the next generation solutions will arrive and where developers should concentrate.
It was also good talking to delegates afterward explaining the forthcoming changes in Whidbey and seeing eyes widen as to the possibilities, especially Indigo (a lot of our research is in middleware).
However, one problem seemed to be jarring. Cross-platform support. In my eyes, this is the single biggest limitation to .NET and its uptake in both business and academia. We have Rotor, we have Mono…but it needs a mind-shift from Microsoft to get the ball really rolling.
It won’t happen soon…one of the big problems of having a desktop and server provider writing a development platform. And with Longhorn looking to tie .NET closer still, its an in-built …
PHP 5 Release Candidate 1
Not this is news if you’ve been paying attention (it’s all over PHP.net) but it’s out.
Release Candidates pave the way to an official release (as in “to the best of knowledge, this is stable or with documented bugs”). In other words PHP5 is close.
Nows the time to get your say in. Download the release and test it. See how your existing code handles it. Find bugs bearing in mind the changes and the PHP4 > 5 Migration Guide, and report them (while remembering to read how to report a bug).
Particularily important, no doubt, will be feedback from Windows users. Although PHP is cross platform much of the core development is done on Linux (I assume) so issues on Windows often turn up later. If you don’t want disappointment when a stable release of PHP5 hits the streets, add your input.
Google API CFC
…posted by davidjmedlock:
Well, I’ve returned from my much needed vacation, though I must admit that it’s a little difficult to get motivated again. I suppose it will take me a few days to get back into the groove. Salt Lake City was pretty cool. We went skiiing at Brighton and Park City, stayed at the Grand America (a very cool hotel), and ate at some pretty cool places.
Anyway, I was trying to catch up on my surfing since I’ve been ‘Net-less for about 5 days or so and I came across this:
http://surfmind.com/lab/cf/google/
It’s a CFC that makes use of the Google API. It’s definitely something I’ll be playing around with as soon as I get through my pile of backlogged work and as soon as I get this RSS article done. Oh, and Part 2 of my Code Reuse Blog is coming up. I haven’t forgotten. *sigh* Back to work… No rest for the coder.
Open Source Statistics
Looking to research what open source and web development technologies are in use and additionally analyze them against proprietary platforms? Look no further than SecuritySpace.com - which offers a roster of free and premium research reports on market penetration of various technology platforms.
This is also a great way to see the usage levels of new revisions of technology, for instance, as part of a determination on whether to migrate to Apache 2.x from the stalwart 1.3 release.
Free reports and information on data for sale at http://www.securityspace.com/s_survey/data/index.html
Lazy PHP: Part 2
Following on from Lazy PHP: Part 1, it’s time to get lazy again, with some Lazy Evaluation.
Variable Functions
A lesser known feature of PHP is it’s ability to put a function name in a variable and call the function via the variable, as explained here in the manual.
For example, using the strtolower() function;
$function = ’strtolower’;
$string = ‘HELLO WORLD!’;
echo $function($string); // displays ‘hello world!’
Nice but what’s the point? Well recently I needed a native PHP implementation of the in built array_change_key_case() function, for PHP versions below 4.2.0 (which is when it became available). Thanks to the first user submitted comment from 05-Feb-2004, didn’t even need to engage my brain. Had this straight away;
function array_change_key_case($array, $changeCase = CASE_LOWER) {
$return = array();
foreach($array as $key => $value) {
switch($changeCase) {
case CASE_LOWER:
$return[strtolower($key)] = $value;
break;
case CASE_UPPER:
default:
$return[strtoupper($key)] = $value;
break;
}
}
return $return;
}
[small]Note the use of the $return array is because the in built implementation of array_change_key_case() eliminates duplicate keys.[/small]
But there’s a performance issue here. For each element in the array, the switch condition has to evaluated. For a large array, that could become a significant overhead. What I want is to evaluate the condition once and only once.
Here’s where a variable function can help;
function array_change_key_case($array, $changeCase = CASE_LOWER) {
switch($changeCase) {
case …
Socks and Backups: Two Things You Can Never Have Too Many Of!
There are some things in life that will always serve you well, many pairs of socks and a good solid backup procedure for your data.
Ask yourself the question how many times have you been hit by a hard drive failure or data corruption and not had a backup? What most people say is that they have had catastrophic data loss with no backup of their data usually only once. This normally occurs when you have no decent backup plan in operation.
I mention this as I had a drive failure over the weekend on a portable disk that I shuttle between work and home; lots of important data, and all of it was important data that I couldn’t do without. What was my reaction? Pretty simple really, I restored by data from the backup I had made the night before.
Now this sounds really simple, and the only reason that it was so simple was because I have a pretty solid backup plan that I adhere to strictly. Getting into the routine of backing up your data, is something that you should make a habit of, and there’s plenty of hardware and software around that can help you carry out the …
MOZiE - split screen Mozilla and IE
Via Mozillazine - MOZiE. A clever patchwork of technologies that allows you to view pages with Internet Explorer (5+) and Mozilla (1.5+) simultaneously, as well as other cool features like simulating the pages in various screen resolutions and running pages through the W3 validator at the click of a button.
The work is actually being done by Internet Exlorer, taking advantage of HTA while the Mozilla pane is made possible thanks to Adam Lock’s Mozilla ActiveX Control (Mozilla embedded into IE - very nice).
Along with Chris Pederick’s Web Developer toolbar for Mozilla / Firebird (thanks Simon), LiveHTTPHeaders, DOM Inspector, the Venkman JavaScript debugger and many more, it’s almost malpractice not to use Mozilla (or it’s slick little brother [sister?] Firefox) for developing web pages.
[Not PHP I know, but too good to ignore]
Sponsored Links
Logo Design, Web page Design and more!
- Custom logo designs created ‘just for you’.
- Pick the design you like best.
- Only pay if you’re satisfied with the result.
The most complete and up-to-date HTML Encyclopedia money can buy.
Learn about this Book
FREE SampleDownload sample chapters of any of our popular books.
